Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

214 advisories

Loading
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses... Moderate Unreviewed
CVE-2017-1571 was published May 13, 2022
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses... Moderate Unreviewed
CVE-2017-1575 was published May 13, 2022
IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than... Moderate Unreviewed
CVE-2018-1428 was published May 13, 2022
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was... Moderate Unreviewed
CVE-2019-5719 was published May 13, 2022
Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14... Moderate Unreviewed
CVE-2019-6485 was published May 13, 2022
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is... Moderate Unreviewed
CVE-2021-22356 was published Nov 24, 2021
Broken encryption in EdgeX Foundry Moderate
CVE-2021-41278 was published for github.com/edgexfoundry/app-functions-sdk-go (Go) Nov 19, 2021
bnevis-i
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected... Moderate Unreviewed
CVE-2018-1996 was published May 13, 2022
Integer Overflow or Wraparound and Use of a Broken or Risky Cryptographic Algorithm in bcrypt Moderate
CVE-2020-7689 was published for bcrypt (npm) Aug 20, 2020
Reliance on Cookies without validation in OctoberCMS Moderate
CVE-2020-15128 was published for october/rain (Composer) Aug 5, 2020
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side... Moderate Unreviewed
CVE-2018-0737 was published May 13, 2022
Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an... Moderate Unreviewed
CVE-2019-5754 was published May 13, 2022
On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL... Moderate Unreviewed
CVE-2019-6593 was published May 13, 2022
RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a... Moderate Unreviewed
CVE-2018-11070 was published May 13, 2022
RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA... Moderate Unreviewed
CVE-2018-11069 was published May 13, 2022
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication... Moderate Unreviewed
CVE-2019-7006 was published May 13, 2022
Invalid Curve Attack in openpgp Moderate
CVE-2019-9155 was published for openpgp (npm) Aug 23, 2019
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x... Moderate Unreviewed
CVE-2018-11057 was published May 13, 2022
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to... Moderate Unreviewed
CVE-2022-20117 was published May 11, 2022
In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and... Moderate Unreviewed
CVE-2013-1053 was published May 5, 2022
A vulnerability, which was classified as problematic, has been found in Click Studios... Moderate Unreviewed
CVE-2022-4610 was published Dec 19, 2022
The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption,... Moderate Unreviewed
CVE-2009-2273 was published May 2, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a... Moderate Unreviewed
CVE-2022-46834 was published Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a... Moderate Unreviewed
CVE-2022-46833 was published Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a... Moderate Unreviewed
CVE-2022-46832 was published Dec 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database